A large proportion of SMEs are failing to recognise email phishing attempts, a new survey has found.
The survey, conducted by IT services company, Conosco, found that 98 per cent of respondents (including a number of IT professionals) failed to recognise a fake email.
“Phishing” is an attempt to obtain sensitive information, including usernames, passwords and credit card details, by masquerading as a trustworthy entity – such as an email from your local bank.
The “Real or Steal” challenge involved working professionals judging a series of emails and trying to decide if each one was genuine.
Around 70 per cent got more than half the answers right, but only six per cent managed 100 per cent success, meaning the vast majority of businesses are exposed to phishing attempts.
Max Mlinaric, managing director of Conosco, said: “When there is a security breach in blue chip companies you tend to hear of it, and can wrongly assume large companies are most commonly targeted.
“SMEs often present easier pickings for the hackers, as IT skills, security levels, awareness and sometimes personnel training are sometimes lower than in large companies which have deeper pockets. It is crucial that SMEs ensure their IT is as secure as possible, that complacency is battled and their staff are regularly trained in resisting phishing attempts.”